
Immediately after installation, iptables has no rules on the INPUT, OUTPUT or FORWARD chains:
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
The default policy on each chain is “ACCEPT”, which means there are no restrictions: all incoming and all outgoing packets are allowed.
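The fresh-install state described above can be checked mechanically. The shell function below is an added example, not part of the original article; the helper name audit_chains and the embedded sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag built-in chains that are still in the post-install state
# (policy ACCEPT and zero rules). audit_chains is a hypothetical helper name.
# Reads `iptables -L -n` (or `-L -n -v`) output on stdin.
# Exit status: 0 = no unrestricted chain, 1 = at least one.
audit_chains() {
    awk '
    function report() {
        if (chain == "") return
        flag = ""
        if (policy == "ACCEPT" && rules == 0) { flag = " UNRESTRICTED"; open++ }
        printf "%s policy=%s rules=%d%s\n", chain, policy, rules, flag
    }
    $1 == "Chain" {
        report()                       # flush the previous chain
        chain = ""
        if ($3 == "(policy") {         # built-in chain; user chains show "(N references)"
            chain = $2; policy = $4; rules = 0
            sub(/\)$/, "", policy)     # "ACCEPT)" -> "ACCEPT"
        }
        next
    }
    NF == 0 || $1 == "target" || $1 == "pkts" { next }   # blank and header lines
    chain != "" { rules++ }            # anything else is a rule
    END { report(); exit (open > 0) }
    '
}

# Constructed sample input: the fresh-install listing shown above.
audit_chains <<'EOF' || echo "warning: unrestricted chains present"
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
EOF
# On a live host, as root: iptables -L -n | audit_chains
```

A chain is flagged only when it has both an ACCEPT policy and no rules; a chain with an ACCEPT policy and some rules is listed without the flag and still needs to be reviewed by hand.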
One of the most useful things about running Xen on your VPS server, apart from the guaranteed RAM and the ability to hard reboot your machine, is the ability to configure iptables on your machine.
Some of the main features available with iptables are the following:
• Build internet firewalls based on stateless and stateful packet filtering
• Use NAT and masquerading for sharing internet access if you don’t have enough public IP addresses
• Use NAT to implement transparent proxies
• Aid the tc and iproute2 systems used to build sophisticated QoS and policy routers
• Do further packet manipulation (mangling) like altering the TOS/DSCP/ECN bits of the IP header
iptables has become a standard component of most Linux installs, especially CentOS, so there is a very good chance that it is already installed on your machine. Check by:
1. Opening a terminal window (making sure to be logged in as root).
2. Typing: # iptables
4. If iptables is installed, you should get the following message: iptables v1.2.8: no command specified Try 'iptables -h' or 'iptables --help' for more information
5. If this message does not appear, then follow the directions below to install iptables.